The convergence of quantum computing advancement, blockchain technology proliferation, and evolving digital forensics requirements presents unprecedented challenges and opportunities for information security. This presentation surveys recent developments (2024-2025) in post-quantum cryptography standardization and blockchain forensics methodologies, examining how organizations can prepare for quantum threats while maintaining forensic capabilities in decentralized systems. As quantum computers progress toward cryptographically relevant scales and blockchain-based applications expand across finance, supply chain, healthcare, and government services, the intersection of these technologies demands urgent attention from researchers, practitioners, and policymakers.
Quantum computing fundamentally threatens the public-key foundations of contemporary information security. Shor's algorithm lets a sufficiently large quantum computer factor integers and compute discrete logarithms in polynomial time, an exponential speedup over the best known classical algorithms, breaking the RSA, finite-field Diffie-Hellman, and elliptic curve cryptography that protect virtually all internet key exchange, digital signatures, and secure storage. Symmetric ciphers and hash functions are affected only by Grover's quadratic speedup, so AES-256 and SHA-256 retain adequate margins. While cryptographically relevant quantum computers, machines capable of breaking 2048-bit RSA within hours, do not yet exist, published projections place such capabilities somewhere in the next ten to fifteen years, with wide uncertainty. Adversaries need not wait: a "harvest now, decrypt later" strategy captures encrypted traffic today for decryption once a quantum computer is available, which makes key exchange (the confidentiality of long-lived data) the most urgent migration target, whereas a signature only needs to resist forgery for as long as it is relied upon. This threat timeline necessitates starting migration to quantum-resistant cryptography now, despite quantum computers remaining in developmental stages.
The National Institute of Standards and Technology (NIST) has led a comprehensive, transparent post-quantum cryptography (PQC) standardization process spanning eight years and involving global cryptographic community participation. In August 2024, NIST published the first three finalized PQC standards: FIPS 203, specifying the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM, derived from CRYSTALS-Kyber); FIPS 204, specifying the Module-Lattice-Based Digital Signature Algorithm (ML-DSA, derived from CRYSTALS-Dilithium); and FIPS 205, specifying the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA, derived from SPHINCS+). A fourth standard, FIPS 206 for FN-DSA (derived from FALCON), was planned for late 2024 but had not been finalized at the time of this survey. In March 2025, NIST selected Hamming Quasi-Cyclic (HQC), a code-based key encapsulation mechanism, for standardization as a backup to ML-KEM, providing algorithmic diversity that does not depend on lattice assumptions.
This presentation provides technical analysis of these standardized algorithms, examining their mathematical foundations, security proofs, and performance characteristics. ML-KEM builds key encapsulation on the hardness of the Module Learning With Errors (MLWE) problem, a structured lattice problem believed resistant to both classical and quantum attacks. Benchmarks show key generation, encapsulation, and decapsulation completing in tens of microseconds on modern processors, comparable to, and often faster than, X25519 elliptic curve Diffie-Hellman; the cost is paid in key and ciphertext size rather than in time. ML-DSA similarly leverages module lattices for digital signatures, with signing and verification in the sub-millisecond to low-millisecond range depending on platform and signature sizes of 2,420, 3,309, and 4,627 bytes for ML-DSA-44, -65, and -87 respectively. SLH-DSA provides stateless signatures based purely on hash functions: it maintains no secret state between signatures (unlike the stateful hash-based schemes XMSS and LMS) and rests only on the security of the underlying hash function, the most conservative assumption of the three, at the cost of much larger signatures (roughly 7.9 to 49.9 kilobytes: 7,856 bytes for the 128-bit "small" parameter set up to 49,856 bytes for the 256-bit "fast" set) and signing times orders of magnitude slower than ML-DSA.
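As an added illustration (not part of the presentation, and not SLH-DSA itself), the following Python implements a textbook Lamport one-time signature from SHA-256 alone. It makes the two points above concrete: the scheme's security rests on nothing but the hash function's preimage resistance, and that purity is paid for in size, a 256-bit digest needing a signature of 256 revealed 32-byte preimages (8,192 bytes, the low end of the SLH-DSA range) and a 16 KB public key. The `forge` routine shows why a plain one-time scheme cannot be reused: each signature reveals half of the private key, and an observer who collects enough signatures can sign messages they were never given. Stateful schemes (XMSS, LMS) prevent this by tracking which one-time key has been used; SLH-DSA instead selects one-time keys pseudorandomly from an astronomically large hypertree so that no state is needed. The function names, the message bytes, and the digest-to-bits mapping are this example's own choices.

```python
import hashlib
import secrets

# Added example: a textbook Lamport one-time signature built only from SHA-256.
# It is NOT SLH-DSA (which layers WOTS+ and FORS into a hypertree to obtain a
# many-time scheme with a small public key); it shows the properties the text
# describes: security resting on the hash function alone, a large signature
# (256 preimages of 32 bytes = 8,192 bytes), and the one-time restriction that
# stateless schemes such as SLH-DSA exist to remove.

N = 32            # SHA-256 output length in bytes
BITS = 8 * N      # one secret pair per digest bit


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Private key: 256 pairs of random 32-byte values. Public key: their hashes."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(h(s0), h(s1)) for s0, s1 in sk]
    return sk, pk


def digest_bits(msg: bytes):
    """Hash the message and expand the digest into 256 bits, MSB first."""
    d = h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(sk, msg: bytes):
    """Reveal, for each digest bit, the preimage selected by that bit."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Hash every revealed preimage and compare with the published half."""
    if len(sig) != BITS:
        return False
    return all(h(sig[i]) == pk[i][b] for i, b in enumerate(digest_bits(msg)))


def signature_size(sig) -> int:
    return sum(len(x) for x in sig)


def public_key_size(pk) -> int:
    return sum(len(a) + len(b) for a, b in pk)


def observe(observed: dict, msg: bytes, sig) -> dict:
    """What a passive attacker learns from one signature: (index, bit) -> preimage."""
    for i, b in enumerate(digest_bits(msg)):
        observed[(i, b)] = sig[i]
    return observed


def forge(observed: dict, msg: bytes):
    """Forge a signature on msg if every preimage it needs has already been
    revealed by earlier signatures; return None when one is still missing."""
    needed = [(i, b) for i, b in enumerate(digest_bits(msg))]
    if not all(k in observed for k in needed):
        return None
    return [observed[k] for k in needed]


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed transaction payload"      # sample input, constructed
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig), "sig bytes:", signature_size(sig),
          "pk bytes:", public_key_size(pk))
```

SLH-DSA brings the public key down to 32, 48, or 64 bytes by publishing only a Merkle root over many one-time public keys and including the authentication path in every signature, which is part of why its signatures are larger still. The forgery routine is the reason the presentation's "no secret state" property matters: a signer that cannot tell which one-time key it has already used is a signer that can be made to leak.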
HQC's selection as an additional KEM standard reflects NIST's commitment to cryptographic diversity: relying exclusively on lattice-based schemes concentrates risk should the hardness assumptions behind MLWE prove wrong or a novel attack emerge. HQC bases its security on error-correcting codes, specifically the syndrome decoding problem for quasi-cyclic codes, a foundation that differs fundamentally from lattice problems and so hedges against a cryptanalytic breakthrough in either family. The price is efficiency: HQC's public keys and ciphertexts are several times larger than ML-KEM's at a comparable security level and its operations are slower, so ML-KEM remains the default choice and HQC the fallback. The presentation examines these trade-offs and the deployment contexts in which each algorithm is appropriate given security requirements, computational resources, and bandwidth constraints.
Practical migration to post-quantum cryptography presents substantial challenges spanning protocol redesign, implementation validation, and cryptographic agility. Legacy systems with hardcoded cryptographic algorithms require software updates to support PQC; in many embedded and IoT devices such updates are infeasible, necessitating hardware replacement. Public-key infrastructure (PKI) migration requires coordinated updates across certificate authorities, revocation services, and relying parties, and a certificate carrying an ML-DSA key and signature grows from a few hundred bytes to several kilobytes. Protocols must absorb larger public keys and ciphertexts: a 2048-bit RSA modulus occupies 256 bytes and an X25519 public key 32 bytes, whereas ML-KEM public keys are 800, 1,184, and 1,568 bytes for ML-KEM-512, -768, and -1024, with ciphertexts of 768, 1,088, and 1,568 bytes. A TLS 1.3 ClientHello carrying a hybrid X25519MLKEM768 key share (1,216 bytes) no longer fits in a single packet, which surfaces IP fragmentation problems, middleboxes that assume a one-packet ClientHello, and measurable latency costs in bandwidth-constrained environments. Cryptographic agility, the ability to change algorithms and parameters without redesigning the protocol, is therefore a prerequisite for the migration rather than an afterthought.
NIST's draft transition guidance, NIST IR 8547 (initial public draft, November 2024), provides a structured timeline for organizational migration. From 2024 through 2030, organizations should build a cryptographic inventory, identify quantum-vulnerable systems, and begin phased PQC adoption in new deployments while retaining classical cryptography through hybrid constructions that combine a classical and a post-quantum algorithm so that the result is secure as long as either holds. After 2030, quantum-vulnerable algorithms providing only 112-bit classical security (RSA-2048 is the prominent example) are deprecated, requiring quantum-resistant alternatives for security-critical applications. After 2035, quantum-vulnerable algorithms are disallowed except in carefully constrained legacy-support scenarios. This timeline acknowledges migration complexity while emphasizing urgency given potential quantum computing emergence.
The presentation addresses implementation security considerations critical for PQC deployment. Side-channel attacks that extract secret keys through timing, power consumption, or electromagnetic emanations require constant-time implementations (no secret-dependent branches or memory accesses, including in the ciphertext comparison inside decapsulation) and, where attackers have physical access, masking and other hardware countermeasures. Lattice-based KEMs carry a family-specific risk: decryption failures, if observable, can be "boosted" by an attacker into recovery of the secret key. ML-KEM counters this with parameter sets whose failure probability is below 2^-138 and with the Fujisaki-Okamoto transform's implicit rejection, which on a failed check returns a pseudorandom key derived from the ciphertext instead of an error, so an implementation must never surface a failure through a distinct return value, a timing difference, or a log message. Cryptographic module validation programs, including NIST's Cryptographic Module Validation Program (CMVP) with its algorithm-level CAVP testing and Korea's Cryptographic Module Validation Program (KCMVP), establish conformance testing ensuring implementations correctly instantiate the standardized algorithms.
Blockchain technology has transformed digital transactions through decentralized consensus, immutability, and transparency, supporting applications spanning cryptocurrency, supply chain tracking, medical records, identity management, and smart contracts. However, blockchain cryptography is acutely quantum-vulnerable: most blockchain systems authenticate transactions with elliptic curve signatures (ECDSA on secp256k1 in Bitcoin and Ethereum, Schnorr for Bitcoin Taproot), which Shor's algorithm breaks once the public key is known. Exposure varies by address type: pay-to-public-key-hash and similar outputs reveal only a hash of the key until the funds are spent, leaving an attacker the window between broadcast and confirmation, whereas outputs that embed the raw or tweaked public key (early pay-to-public-key outputs, Taproot, and any address that has already spent) can be attacked at leisure. A quantum adversary holding a recovered key can forge transactions, drain wallets, or impersonate legitimate users, undermining the properties on which the system rests. Furthermore, immutability prevents retroactive upgrades: transactions already recorded cannot be re-signed, and funds held on an exposed key can only be protected by moving them to a quantum-resistant output before an adversary does.
Post-quantum blockchain architectures under active development employ PQC for transaction signing and block validation. Performance evaluation reveals trade-offs between security and efficiency: where an ECDSA signature plus compressed public key costs roughly 100 bytes per input, an FN-DSA-512 signature and key cost about 1.6 kilobytes and an ML-DSA-44 signature and key about 3.7 kilobytes, so the authentication payload of a transaction grows by more than an order of magnitude, directly affecting throughput, block size, and node storage. Hash-based signatures offer the most conservative security assumptions but impose an even larger size overhead. Hybrid approaches combining classical and post-quantum signatures during transition periods enable gradual migration while maintaining backward compatibility. The presentation examines several blockchain platforms implementing PQC, including quantum-resistant cryptocurrency prototypes and enterprise blockchain frameworks supporting configurable cryptographic suites.
Digital forensics for blockchain systems presents unique challenges stemming from decentralization, pseudonymity, and cryptographic protection. Traditional digital forensics relies on centralized data repositories and trusted intermediaries—financial transaction records from banks, communication logs from service providers. Blockchain systems distribute data across decentralized networks with no authoritative record keeper, complicating evidence collection. Pseudonymous addresses obscure real-world identities, hindering investigator attribution of illicit activities to specific individuals or organizations. Smart contract complexity enables sophisticated criminal schemes—mixing services to obscure transaction origins, decentralized exchanges avoiding know-your-customer requirements, ransomware payment in cryptocurrency.
This presentation introduces comprehensive forensic investigation frameworks for blockchain and decentralized storage systems. The framework encompasses evidence identification across multiple sources: on-chain data including transaction history, smart contract code, and block metadata; off-chain data from wallet software, exchange accounts, and auxiliary services; network-level data including peer-to-peer communications and node discovery traffic; and environmental data from seized devices, cloud storage, and communication platforms. Collection methodologies preserve evidentiary integrity through cryptographic hashing, timestamping, and chain-of-custody documentation compatible with legal admissibility standards.
Analysis techniques leverage blockchain transparency to trace fund flows, identify transaction patterns indicative of money laundering or fraud, and cluster addresses likely controlled by a common entity. The workhorse of clustering is the common-input-ownership heuristic, which assumes that all inputs of one transaction are controlled by the same party; it is deliberately defeated by CoinJoin-style mixing transactions, so its output is a lead for prioritization rather than proof of control. Graph analysis algorithms identify communities in the resulting entity-level transaction network, revealing relationships between actors and highlighting central nodes warranting investigation. Machine learning classifiers distinguish licit from illicit transactions based on behavioral features including transaction amounts, timing patterns, and mixing service utilization. Smart contract analysis through static and dynamic techniques identifies vulnerabilities exploited in thefts or detects malicious code implementing scams.
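The following Python is an added example, not from the presentation or any named forensics platform. It implements the common-input-ownership heuristic with union-find, a breadth-first forward trace of funds, and the entity-level flow graph that community detection would run on. The transaction list, addresses, and transaction ids are constructed for the example: a victim address V1 pays a phishing address P1, the attacker consolidates, deposits into a mixer, and a mixer-style batch transaction pays exchange deposit addresses E1 and E2.

```python
from collections import defaultdict, deque

# Added example (not from the presentation): common-input-ownership clustering
# and forward fund tracing over a constructed, UTXO-style transaction list.
# All addresses and txids below are made up.
TXS = [
    {"txid": "t0", "inputs": ["V1"], "outputs": ["P1"]},                   # victim pays phishing address
    {"txid": "t1", "inputs": ["P1", "P2"], "outputs": ["A3"]},             # attacker consolidates two addresses
    {"txid": "t2", "inputs": ["A3"], "outputs": ["M1"]},                   # deposit into a mixing service
    {"txid": "t3", "inputs": ["M1", "M2", "M3"], "outputs": ["E1", "E2"]}, # mixer-style batch payout to exchanges
    {"txid": "t4", "inputs": ["P2", "P4"], "outputs": ["X1"]},             # another consolidation by the attacker
    {"txid": "t5", "inputs": ["B1", "B2"], "outputs": ["V1"]},             # unrelated payment to the victim
]


class UnionFind:
    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def cluster_by_common_input(txs):
    """Common-input-ownership heuristic: every input of one transaction is assumed
    to be controlled by the same entity. Returns {address: frozenset(cluster)}.
    Caveat: a CoinJoin/mixing transaction (many unrelated inputs) defeats the
    heuristic and falsely merges strangers, as t3 does for M1, M2 and M3."""
    uf = UnionFind()
    for tx in txs:
        ins = tx["inputs"]
        uf.find(ins[0])                      # register single-input spenders too
        for a in ins[1:]:
            uf.union(ins[0], a)
    members = defaultdict(set)
    for a in list(uf.parent):
        members[uf.find(a)].add(a)
    return {a: frozenset(members[uf.find(a)]) for a in uf.parent}


def trace_forward(txs, seed, max_hops):
    """Breadth-first taint trace: follow an address into the transaction that
    spends it and on to that transaction's outputs. Returns {address: hops}."""
    spent_in = defaultdict(list)
    for tx in txs:
        for a in tx["inputs"]:
            spent_in[a].append(tx)
    hops = {seed: 0}
    queue = deque([seed])
    while queue:
        a = queue.popleft()
        if hops[a] >= max_hops:
            continue
        for tx in spent_in[a]:
            for o in tx["outputs"]:
                if o not in hops:
                    hops[o] = hops[a] + 1
                    queue.append(o)
    return hops


def cluster_graph(txs, clusters):
    """Directed edges between clusters: the entity-level flow graph that
    community detection and centrality analysis operate on. Addresses that
    never spend (pure receivers) appear as singleton clusters."""
    def label(a):
        return clusters.get(a, frozenset([a]))
    edges = set()
    for tx in txs:
        for i in tx["inputs"]:
            for o in tx["outputs"]:
                if label(i) != label(o):
                    edges.add((label(i), label(o)))
    return edges


if __name__ == "__main__":
    clusters = cluster_by_common_input(TXS)
    print("attacker cluster:", sorted(clusters["P1"]))
    print("funds reachable from P1:", trace_forward(TXS, "P1", 3))
    print("cluster edges:", len(cluster_graph(TXS, clusters)))
```

Note how t3 merges M1, M2, and M3 into one cluster although in a CoinJoin they would belong to different owners; a real pipeline suppresses the heuristic for transactions that match CoinJoin fingerprints (many inputs, equal-valued outputs) and treats any trace past a mixer as a probabilistic lead rather than a proven path. The forward trace follows spends only; extending it to the seed's cluster siblings (every address in `clusters[seed]`) is the usual next step.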
Case studies demonstrate practical application of blockchain forensics methodologies. A cryptocurrency phishing investigation traces stolen funds through multiple exchanges and mixing services, ultimately identifying cash-out points where proceeds converted to fiat currency, enabling law enforcement intervention. A copyright infringement case involving illegal content distribution through InterPlanetary File System (IPFS) with Filecoin applies forensic framework to identify content uploaders, storage providers retaining illicit data, and gateway operators facilitating access. A smart contract-based Ponzi scheme investigation analyzes contract code and transaction patterns to identify operators, quantify victim losses, and trace fund movements for asset recovery.
Blockchain-based digital evidence preservation represents a constructive application of blockchain technology to forensics. Evidence management systems employ blockchain immutability to create tamper-evident audit trails documenting evidence collection, analysis, and transfer, addressing integrity concerns in legal proceedings. Each evidence artifact receives a cryptographic hash recorded on the blockchain with a timestamp, providing verifiable proof of existence at a specific time together with chain-of-custody documentation. Such a record proves that the artifact existed in exactly that form when the hash was recorded and has not changed since; it says nothing about the artifact's authenticity before collection, so collection procedures remain decisive. Permissioned blockchain architectures enable multi-agency evidence sharing while maintaining access controls and privacy protections. The presentation evaluates several blockchain forensics platforms demonstrating these capabilities in operational deployment.
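The following Python is an added example, not the presentation's own code or any particular platform's: an append-only, hash-chained custody log in which each entry binds an artifact's SHA-256 hash, the custody action, the actor, and a UTC timestamp to the previous entry's hash. The head hash is what a deployment would write to a permissioned blockchain. It also serves the collection methodology described in the framework paragraph above (hashing, timestamping, chain-of-custody documentation). The artifact ids, actors, timestamps, and artifact bytes used in it are constructed.

```python
import hashlib
import json
from datetime import datetime, timezone

# Added example (not from the presentation or any named platform): a hash-chained,
# append-only chain-of-custody log. Any later edit to an entry, or to the
# artifact it describes, is detectable; the head hash is the value to anchor
# on a permissioned blockchain so the log itself cannot be rewritten wholesale.

GENESIS = "0" * 64


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(entry: dict) -> bytes:
    """Deterministic JSON encoding (sorted keys, no whitespace) of an entry
    without its own hash, so the same entry always hashes the same way."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


class CustodyLedger:
    def __init__(self):
        self.entries = []

    def head(self) -> str:
        return self.entries[-1]["entry_hash"] if self.entries else GENESIS

    def record(self, artifact_id, artifact: bytes, action, actor, timestamp=None) -> str:
        """Append one custody event and return the new head hash."""
        entry = {
            "index": len(self.entries),
            "artifact_id": artifact_id,
            "artifact_sha256": sha256_hex(artifact),
            "action": action,          # e.g. "collected", "transferred", "analyzed"
            "actor": actor,
            "timestamp": timestamp or datetime.now(timezone.utc).isoformat(),
            "prev_hash": self.head(),  # links this entry to everything before it
        }
        entry["entry_hash"] = sha256_hex(canonical(entry))
        self.entries.append(entry)
        return entry["entry_hash"]

    def verify_chain(self):
        """(True, -1) if the log is intact, else (False, index of the first bad entry)."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["index"] != i or e["prev_hash"] != prev:
                return False, i
            if sha256_hex(canonical(e)) != e["entry_hash"]:
                return False, i
            prev = e["entry_hash"]
        return True, -1

    def verify_artifact(self, artifact_id, artifact: bytes) -> bool:
        """True if the artifact bytes match every hash ever recorded for that id."""
        recorded = [e["artifact_sha256"] for e in self.entries if e["artifact_id"] == artifact_id]
        return bool(recorded) and all(h == sha256_hex(artifact) for h in recorded)

    def proof_of_existence(self, artifact_id):
        """Earliest (timestamp, hash) at which this artifact entered the log."""
        for e in self.entries:
            if e["artifact_id"] == artifact_id:
                return e["timestamp"], e["artifact_sha256"]
        return None


if __name__ == "__main__":
    ledger = CustodyLedger()
    image = b"constructed disk image bytes"          # sample artifact, constructed
    ledger.record("IMG-001", image, "collected", "examiner-a")
    anchor = ledger.record("IMG-001", image, "transferred", "examiner-b")
    print("anchor this on-chain:", anchor)
    print("chain intact:", ledger.verify_chain(), "artifact intact:", ledger.verify_artifact("IMG-001", image))
```

Two verifications are deliberately separate: `verify_chain` checks that the log itself has not been edited (a changed field, or a recomputed entry hash that no longer matches the next entry's `prev_hash`, is reported with its index), while `verify_artifact` checks that the evidence bytes still match every hash ever recorded for them. Anchoring only the head hash externally suffices, because every earlier entry is committed to by it.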
Preparing for post-quantum era requires coordinated action across cryptographic research, standards development, implementation, and policy. Continued cryptanalysis of PQC candidates ensures long-term security through adversarial testing and security proof refinement. Algorithm diversification mitigates risks of concentrated reliance on specific mathematical problems through backup standards based on alternative assumptions. Implementation security research addresses side-channel protections and secure parameter selection. Migration planning and deployment guidance support organizational transitions to quantum-resistant cryptography. Educational initiatives ensure cryptographic engineers, security architects, and decision-makers understand PQC requirements and deployment options.
This comprehensive examination of post-quantum cryptography and blockchain digital forensics equips security professionals with understanding of quantum threats to contemporary cryptography, practical knowledge of NIST-standardized PQC algorithms, implementation guidance for quantum-resistant systems, forensic methodologies for blockchain investigations, and strategic roadmaps for navigating cryptographic transitions in an era of quantum computing emergence. The technical capabilities and strategic frameworks surveyed enable organizations to protect their systems, data, and users against both current and future threat landscapes.